Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2020-11671
HistoryMay 04, 2020 - 2:15 p.m.

CVE-2020-11671

2020-05-0414:15:13
Google
osv.dev
5

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

34.4%

JSON

Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. NOTE: the API is not available by default.

Related

veracode 1
github 1
nvd 1
prion 1
cvelist 1
osv 1
cve 1
openvas 1
veracode
veracode
Missing API Authorization Checks
2020-05-05 09:51:53
github
github
Missing Authorization in TeamPass
2021-07-26 21:22:13
nvd
nvd
CVE-2020-11671
2020-05-04 14:15:13
prion
prion
Design/Logic Flaw
2020-05-04 14:15:00
cvelist
cvelist
CVE-2020-11671
2020-05-04 13:27:36
osv
osv
Missing Authorization in TeamPass
2021-07-26 21:22:13
cve
cve
CVE-2020-11671
2020-05-04 14:15:13
openvas
openvas
TeamPass <= 2.1.27.36 Multiple XSS Vulnerabilities
2019-08-09 00:00:00

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

34.4%

JSON
Related for OSV:CVE-2020-11671
veracode1github1nvd1prion1cvelist1osv1cve1openvas1